FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-24 21:00:48 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
3749ae9e-f132-11ea-97da-d05099c0ae8c	MPD -- multiple vulnerabilities Chen Nan of Chaitin Security Research Lab reports: Fix buffer overflow introduced in version 5.8: processing of template %aX in a RADIUS authentication response might lead to unexpected termination of the mpd5 process. Installations not using RADIUS or not using %aX templates in RADIUS attributes were not affected. Fix buffer overflow in parsing of L2TP control packets introduced in version 4.0 that initially brought in L2TP support: a specially crafted incoming L2TP control packet might lead to unexpected termination of the process. Installations with neither L2TP clients nor L2TP server configured are not affected. Discovery 2020-09-06 Entry 2020-09-07 mpd5 < 5.9 CVE-2020-7465 CVE-2020-7466 http://mpd.sourceforge.net/doc5/mpd4.html#4

VuXML ID

Description

3749ae9e-f132-11ea-97da-d05099c0ae8c

MPD -- multiple vulnerabilities

Chen Nan of Chaitin Security Research Lab reports:

Fix buffer overflow introduced in version 5.8: processing of template %aX in a RADIUS authentication response might lead to unexpected termination of the mpd5 process. Installations not using RADIUS or not using %aX templates in RADIUS attributes were not affected.

Fix buffer overflow in parsing of L2TP control packets introduced in version 4.0 that initially brought in L2TP support: a specially crafted incoming L2TP control packet might lead to unexpected termination of the process. Installations with neither L2TP clients nor L2TP server configured are not affected.

Discovery 2020-09-06
Entry 2020-09-07
mpd5

< 5.9

CVE-2020-7465
CVE-2020-7466
http://mpd.sourceforge.net/doc5/mpd4.html#4